ID.RA-01.151

Does your organization actively monitor cyber threat intelligence sources for information about new vulnerabilities in your products and services?

Explanation

Monitoring cyber threat intelligence sources helps organizations stay informed about newly discovered vulnerabilities that could affect their products and services. This includes tracking security advisories, vulnerability databases (like CVE, NVD), vendor notifications, security blogs, and threat intelligence platforms to identify potential security issues before they can be exploited. Evidence could include documentation of subscribed threat intelligence feeds, screenshots of monitoring dashboards, vulnerability tracking procedures, or reports showing how identified vulnerabilities were assessed for relevance to the organization's products and services.

Implementation Example

Monitor sources of cyber threat intelligence for information on new vulnerabilities in products and services

ID: ID.RA-01.151

Context

Function
ID: IDENTIFY
Category
ID.RA: Risk Assessment
Sub-Category
Vulnerabilities in assets are identified, validated, and recorded

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Signature
Neil Cameron
Founder, ResponseHub
Neil Cameron